Dataprise Defense Digest

Sep 29, 2022 BY DATAPRISE

Dataprise Defense Digest

UPDATE 10/5/2022 @ 8AM Microsoft has released updated mitigation guidance for this vulnerability, which is officially known as ProxyNotShell, because the initial mitigation could be easily bypassed to exploit the vulnerabilities. The updated mitigation steps are below: * Open IIS Manager * Se...

Aug 26, 2022 BY DATAPRISE

Dataprise Defense Digest

EXECUTIVE SUMMARY On August 25th, 2022 LastPass CEO Karim Toubba confirmed that they suffered a breach in their developer environment which allowed attackers to steal source code and propriety information. LastPass is among the most widely used password managers in the world and is in use by over 3...

Jun 15, 2022 BY DATAPRISE

Dataprise Defense Digest

EXECUTIVE SUMMARY Microsoft Security Center, along with other researchers, have discovered a vulnerability in Microsoft’s support diagnostic tool(MSDT) dubbed “Follina”. It allows attackers to run remote code execution(RCE) with privilege escalation. It is currently being exploited in the wild. Mic...

Apr 25, 2022 BY DATAPRISE

Dataprise Defense Digest

EXECUTIVE SUMMARY On Tuesday, April 12th, Microsoft released patches for CVE-2022-26809 – a zero-click exploit targeting Microsoft Remote Procedure Call (RPC) Services – present in various Microsoft Windows and Windows Server Products. An unauthenticated attacker could leverage this vulnerability ...

Mar 29, 2022 BY DATAPRISE

Dataprise Defense Digest

EXECUTIVE SUMMARY On March 23, 2022 an anonymous user reported a Type Confusion vulnerability in the Google Chrome browser. On March 29, 2022, Google released a new version of their popular Chrome browser to patch the zero-day vulnerability in the Chrome browser for Windows, macOS, and Linux. Micro...

Mar 28, 2022 BY DATAPRISE

Dataprise Defense Digest

EXECUTIVE SUMMARY SonicWALL has issued a security notice for a new vulnerability affecting a number of their Firewall appliances running SonicOS. Left unpatched, this vulnerability will allow a remote, unauthenticated attacker to perform Denial of Service (DoS) or remote code execution on the firew...

Mar 08, 2022 BY DATAPRISE

Dataprise Defense Digest

EXECUTIVE SUMMARY:  On March 8th, 2022 researchers discovered a vulnerability that allows for overwriting arbitrary read-only values, including /etc/shadow, allowing unprivileged actors to overwrite values and execute privileged processes as root. This vulnerability is considered high severity and ...

Jan 30, 2022 BY DATAPRISE

Dataprise Defense Digest

EXECUTIVE SUMMARY Following the recent release of Windows 10 patches (January 11, 2022), security researchers have created a proof of concept exploit that allows a user to escalate their privileges to administrator through a specific vulnerable driver. This exploit was demonstrated to be highly eff...

Jan 26, 2022 BY DATAPRISE

Dataprise Defense Digest

EXECUTIVE SUMMARY: A vulnerability has been discovered in the Linux Polkit (aka PolicyKit) pkexec utility, which facilitates communication between non-privileged and privileged processes. Pollkit also allows non-users to run privileged commands within a set policy. When this vulnerability is exploi...

Jan 21, 2022 BY DATAPRISE

Dataprise Defense Digest

EXECUTIVE SUMMARY: Cisco has identified a new vulnerability affecting: * SD-WAN -vEdge, IOS XE hardware; vBond, vManage, vSmart, IOS XR software * Ultra Gateway * Network Services Orchestrator * Virtual Topology System * Enterprise NFV Infrastructure Software * ConfD This is a Command Lin...

Jan 21, 2022 BY DATAPRISE

Dataprise Defense Digest

EXECUTIVE SUMMARY: Cisco has identified new vulnerabilities affecting a wide range of products: * Cybervision Software * Meraki MX Series Software * Firepower Threat Defense (FTD) Software - All platforms * 1000 & 4000 series routers (ISRs) * Catalyst 8000V, 8300, 8500, 8500L Series Edge Pl...

Jan 21, 2022 BY DATAPRISE

Dataprise Defense Digest

EXECUTIVE SUMMARY: Cisco has identified two new vulnerabilities affecting the Redundancy Configuration Manager for StarOS Software. These vulnerabilities were discovered by Cisco internal testing and allow an unauthenticated remote attacker to gain root level privileges. With this elevated privileg...

Dec 17, 2021 BY DATAPRISE

Dataprise Defense Digest

Dataprise Defense Digest ID: D3-2021-0016-1 Severity: 9.1 (Critical) Published: December 17, 2021     VMware Workspace ONE UEM Console Vulnerability   EXECUTIVE SUMMARY On December 16th 2021, VMware published a known vulnerability in their Workspace ONE UEM Console that if exploited success...

Dec 11, 2021 BY DATAPRISE

Dataprise Defense Digest

EXECUTIVE SUMMARY A significant 0day Remote Code Exploit (RCE) has been identified in the open-source Java-based logging framework, Apache Log4j2. This framework is used widely in millions of web applications to facilitate logging of application error data. Attackers can exploit this vulnerability ...

Sep 10, 2021 BY DATAPRISE

Dataprise Defense Digest

EXECUTIVE SUMMARY A new vulnerability in MSHTML (Part of MS Office) is being actively exploited by malicious actors. This can enable malware execution through the MSHTML “web engine” functionality present in Office applicatons. The simplicity of opening a specially crafted MS Office document makes ...